const express = require('express');
const router = express.Router();
const roleController = require('../controllers/roleController');
const { authenticate, authMiddleware } = require('../middlewares/auth');
const { hasPermission } = require('../middlewares/permissionMiddleware');

// 获取所有角色
router.get('/', authMiddleware, hasPermission('role:list'), roleController.getAllRoles);

// 获取所有权限
router.get('/permissions', authenticate, hasPermission(['role:list', 'role:create', 'role:update']), roleController.getAllPermissions);

// 获取单个角色
router.get('/:id', authMiddleware, hasPermission('role:list'), roleController.getRoleById);

// 创建角色
router.post('/', authMiddleware, hasPermission('role:create'), roleController.createRole);

// 更新角色
router.put('/:id', authMiddleware, hasPermission('role:update'), roleController.updateRole);

// 删除角色
router.delete('/:id', authMiddleware, hasPermission('role:delete'), roleController.deleteRole);

module.exports = router; 